What FortiGate process caches logs when FortiAnalyzer is not reachable?
A. logfiled
B. sqlplugind
C. oftpd
D. miglogd
Answer: D
Reference: https://forum.fortinet.com/tm.aspx?m=143106
Which log type does the FortiAnalyzer indicators of compromise feature use to identify infected hosts?
A. Antivirus logs
B. Web filter logs
C. IPS logs
D. Application control logs
Answer: A
Explanation: The Indicators of Compromise (IoC) feature on FortiAnalyzer primarily utilizes Antivirus logs to identify infected hosts. Antivirus logs...
What is the most likely problem?
Logs are being deleted from one of the ADOMs earlier than the configured setting for archiving in the data policy. What is the most likely problem?
A. CPU resources are too high
B. Logs in that ADOM are being forwarded, in real-time, to another FortiAnalyzer device
C. The total disk...
When you perform a system backup, what does the backup configuration contain? (Choose two.)
A. Generated reports
B. Device list
C. Authorized devices logs
D. System information
Answer: B, D
Explanation: https://help.fortinet.com/fa/cli-olh/5-6-5/Content/Document/1400_execute/backup.htm
Reference: https://help.fortinet.com/fauth/5-2/Content/Admin%20Guides/5_2%20Admin%20Guide/300/301_Dashboard.htm
Which clause is considered mandatory in SELECT statements used by the FortiAnalyzer to generate reports?
A. FROM
B. LIMIT
C. WHERE
D. ORDER BY
Answer: A
Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD48500
In order for FortiAnalyzer to collect logs from a FortiGate device, what configuration is required? (Choose two.)
A. Remote logging must be enabled on FortiGate
B. Log encryption must be enabled
C. ADOMs must be enabled
D. FortiGate must be registered with FortiAnalyzer
Answer: AD
Explanation: Pg 70: “after you...
What does the status Initializing indicate about what the FortiAnalyzer is currently doing?
On the RAID management page, the disk status is listed as Initializing. What does the status Initializing indicate about what the FortiAnalyzer is currently doing?
A. FortiAnalyzer is ensuring that the parity data of a redundant drive is valid
B. FortiAnalyzer is writing data to a newly added hard drive...
What happens to the logs being sent to FortiAnalyzer from FortiGate during the time FortiAnalyzer is temporarily unavailable?
You need to upgrade your FortiAnalyzer firmware. What happens to the logs being sent to FortiAnalyzer from FortiGate during the time FortiAnalyzer is temporarily unavailable?
A. FortiAnalyzer uses log fetching to retrieve the logs when back online
B. FortiGate uses the miglogd process to cache the logs
C. The logfiled...
What can the CLI command # diagnose test application oftpd 3 help you to determine?
A. What devices and IP addresses are connecting to FortiAnalyzer
B. What logs, if any, are reaching FortiAnalyzer
C. What ADOMs are enabled and configured
D. What devices are registered and unregistered
Answer: B
Explanation:...
For which two purposes would you use the command set log checksum? (Choose two.)
A. To help protect against man-in-the-middle attacks during log upload from FortiAnalyzer to an SFTP server
B. To prevent log modification or tampering
C. To encrypt log communications
D. To send an identical set of logs...